The six most commonly discussed data protection regulations are the European Union’s GDPR, the California Consumer Privacy Act (CCPA) and Health Insurance Portability and Accountability Act (HIPAA) in the United States, Brazil’s LGPD, Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and the Australian Data Privacy Law.
These regulations establish the who-what-when-where-how and why of data governance – a set of principles, practices and in some cases obligations that define how data is managed, reported and maintained. Effective data governance ensures that data is consistent and trustworthy and is not misused.
Importantly, defining what data governance means to an organisation is one of the good practices that should be adopted in an organisation’s journey towards compliance.
By understanding the elements common to these regulations as they relate to data governance, we can gain a more thorough understanding of the actions available to businesses in the stated regions, which will in turn help to prepare organisations for likely additions to data law as they are enacted.
It is also important to note that organising and improving data flows not only ensures compliance with current regulatory regimes but also acts as a strong foundation for future legal developments.